ftphosts(4)

NAME

SYNOPSIS

DESCRIPTION

The ftphosts file is used to allow or deny access to accounts from specified hosts. The following access capabilities are supported:

allow usernameaddrglob[addrglob...]

Only allow users to login as username from host(s) that match addrglob.

deny usernameaddrglob [addrglob...]

Do not allow users to login as username from host(s) that match addrglob.

A username of * matches all users. A username of anonymous or ftp specifies the anonymous user.

addrglob is a regular expression that is matched against hostnames or IP addresses. addrglob may also be in the form address:netmask or address/CIDR, or be the name of a file that starts with a slash ('/') and contains additional address globs. An exclamation mark (`!') placed before the addrglob negates the test.

The first allow or deny entry in the ftphosts file that matches a username and host is used. If no entry exists for a username, then access is allowed. Otherwise, a matching allow entry
is required to permit access.

EXAMPLES

You can use the following ftphosts file to allow anonymous access from any host except those on the class A network 10, with the exception of 10.0.0.* IP addresses, which are allowed access: